<?php
/*
  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce
  Copyright (c) 2008 Last Chance

  Released under the GNU General Public License

  Based on admin order by:
  Written by Jonathan Hilgeman of SiteCreative.com (osc@sitecreative.com)
  Version History

*/

  require('includes/application_top.php');
  require(DIR_WS_FUNCTIONS . 'c_orders.php');
  require(DIR_WS_CLASSES . 'currencies.php');
  $currencies = new currencies();

  // require(DIR_WS_CLASSES . 'PriceFormatter.php');
  // $pf = new PriceFormatter;

  include(DIR_WS_CLASSES . 'pos_order.php');

 // Optional Tax Rate/Percent
  $AddShippingTax = "0.0"; // e.g. shipping tax of 17.5% is "17.5"

  // intilize variables
  $update_info_cc_number = '';
  $update_info_cc_expires = '';
  $update_info_cc_ccv = '';
  $cc_ccv10 = '';
  $update_products = '';
  $update_totals = '';
  $add_products_model = '';
  $add_products_name = '';
  $add_products_price = '';
  $products_tax_class_id = '';
  $add_product_options = '';
  $item_has_down = '';
  $products_options_name = '';
  $AddedOptionsPrice = '';
  $customer_id = '' ;

        if (isset($_GET['product_count'])) {
              $product_count = $_GET['product_count'] ;
            }else if (isset($_POST['product_count'])){
              $product_count = $_POST['product_count'] ;
            } else {
             $product_count = '' ;
    }
  // New "Status History" table has different format.
  $OldNewStatusValues = (tep_field_exists(TABLE_POS_STATUS_HISTORY, "old_value") && tep_field_exists(TABLE_POS_STATUS_HISTORY, "new_value"));
  $CommentsWithStatus = tep_field_exists(TABLE_POS_STATUS_HISTORY, "comments");
  $SeparateBillingFields = tep_field_exists(TABLE_POS, "billing_name");



  // Optional Tax Rate/Percent
  $AddShippingTax = "0.0"; // e.g. shipping tax of 17.5% is "17.5"

  $pos_statuses = array();
  $pos_status_array = array();
  $pos_status_query = tep_db_query("select pos_status_id, pos_status_name from " . TABLE_POS_STATUS . " where language_id = '" . (int)$languages_id . "'");
  while ($pos_status = tep_db_fetch_array($pos_status_query)) {
    $pos_statuses[] = array('id' => $pos_status['pos_status_id'],
                               'text' => $pos_status['pos_status_name']);
    $pos_status_array[$pos_status['pos_status_id']] = $pos_status['pos_status_name'];
  }
//get shipping method
  $poss_ship_method = array();
  $poss_ship_method_array = array();
  $poss_ship_method_query = tep_db_query("select ship_method from orders_ship_methods where ship_method_language = '" . (int)$languages_id . "'");
  while ($poss_ship_methods = tep_db_fetch_array($poss_ship_method_query)) {
    $poss_ship_method[] = array('id'   => $poss_ship_methods['ship_method'],
                                  'text' => $poss_ship_methods['ship_method']);
    $poss_ship_method_array[$poss_ship_methods['ship_method']] = $poss_ship_methods['ship_method'];
  }
//get pay method
  $poss_pay_method = array();
  $poss_pay_method_array = array();
  $poss_pay_method_query = tep_db_query("select pay_method from orders_pay_methods where pay_method_language =  '" . (int)$languages_id . "'");
  while ($poss_pay_methods = tep_db_fetch_array($poss_pay_method_query)) {
    $poss_pay_method[] = array('id'   => $poss_pay_methods['pay_method'],
                                  'text' => $poss_pay_methods['pay_method']);
    $poss_pay_method_array[$poss_pay_methods['pay_method']] = $poss_pay_methods['pay_method'];
  }
//get variables

 if (isset($_GET['posID'])){
$posID = tep_db_prepare_input($_GET['posID']);
}else if (isset($_POST['posID'])){
      $posID = $_POST['posID'] ;
    } else {
     $posID = '' ;
    }

if (isset($_GET['step'])) {
      $step = $_GET['step'] ;
    }else if (isset($_POST['step'])){
      $step = $_POST['step'] ;
    } else {
     $step = 1 ;
    }

// begin action
if (isset($_GET['action'])) {
      $action = $_GET['action'] ;
    }else if (isset($_POST['action'])){
      $action = $_POST['action'] ;
    } else {
     $action = 'edit' ;
    }

  if (tep_not_null($action)) {
    switch ($action) {

  //start a new pos
  case 'start_order':
//pos_create_order_process.php
 // unset($action);
   tep_redirect(tep_href_link(FILENAME_POS_CREATE_ORDER_PROCESS, tep_get_all_get_params(array('action')) , 'SSL'));

    break;
 // Update Order
  case 'update_order':


        if ($pos_updated == 1) {
       //  $messageStack->add_session('search', SUCCESS_ORDER_UPDATED, 'success');
        } else {
          $messageStack->add_session('search', WARNING_ORDER_NOT_UPDATED, 'warning');
        }
 //teoteo
 tep_redirect(tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params(array('action')) . 'posID=' . $posID . '&action=edit', 'SSL'));

  break;
//********************* add product *************
  // Add a Product
  case 'add_product':
        if($step == 5) {
            // Get Order Info
//$customer_id = $pos->customer['id'];
         $pos = new pos($posID);

   if (isset($_GET["add_product_options"])) {
      $add_product_options = $_GET["add_product_options"] ;
    }else if (isset($_POST["add_product_options"])){
      $add_product_options = $_POST["add_product_options"] ;
    } else {
      $add_product_options = array() ;
   }
         $add_product_products_id = (isset($_POST['add_product_products_id']) ? $_POST['add_product_products_id'] : '');
         $add_product_quantity = (isset($_POST['add_product_quantity']) ? $_POST['add_product_quantity'] : '');
         $customer_id = (isset($pos->customer['id']) ? $pos->customer['id'] : '');

// intialize for first attribute
         $AddedOptionsPrice = 0;
         $option_is_text = 0;
         $item_has_down = 0;
         $query_products_options_values = '';
         $products_options_values= '';

  $customer_id = $pos->customer['id'];
   //gets customer group ID
  if($customer_id == "") {
    $customer_group_id="G";
  } else {
    $getcustomer_GroupID_query = tep_db_query("select customers_group_id   from " . TABLE_CUSTOMERS . " where  customers_id = '" . (int)$customer_id . "'");
    $getcustomer_GroupID = tep_db_fetch_array($getcustomer_GroupID_query);
    $customer_group_id=$getcustomer_GroupID['customers_group_id'];
  }

    // Get Product Info
    $product_info_guery_1 = tep_db_query("select
     pd.products_name,
     p.products_id,
     p.products_price,
     p.products_tax_class_id,
     p.products_model,
     p.products_status
    FROM " . TABLE_PRODUCTS . " p,
         " . TABLE_PRODUCTS_DESCRIPTION . " pd
    where
     p.products_id = '" . $add_product_products_id . "'
     and pd.products_id = p.products_id
     and pd.language_id = '" . (int)$languages_id . "'
    ");
            while ($product_info_array = tep_db_fetch_array($product_info_guery_1)){
                    $add_products_model = $product_info_array['products_model'];
                    $add_products_name = $product_info_array['products_name'] ;
                    $add_products_price = $product_info_array['products_price'];
                    $products_tax_class_id = $product_info_array['products_tax_class_id'];
                }

     $special_price = tep_get_products_special_price($add_product_products_id, $customer_id);

      if ( (isset($special_price )) && ($special_price > 0)) {
             $p_products_price = $special_price;
       }

//if price is 0, get the regular price
if($p_products_price == 0){
    $product_price_query = tep_db_query("select products_price from " . TABLE_PRODUCTS . " where products_id = '" . $add_product_products_id . "'");
    if (tep_db_num_rows($product_price_query)) {
      $product_price = tep_db_fetch_array($product_price_query);
    $p_products_price = $product_price['products_price'];
    }
}
      // Following functions are defined at the bottom of this file
      $CountryID = tep_get_country_id($pos->delivery["country"]);
      $ZoneID = tep_get_zone_id($CountryID, $pos->delivery["state"]);

      $ProductsTax = tep_get_tax_rate($products_tax_class_id, $CountryID, $ZoneID);

                $Query = "insert into " . TABLE_POS_PRODUCTS . " set
                pos_id = '" . $posID . "',
                products_id = '" . $add_product_products_id . "',
                products_model = '" . $add_products_model . "',
                products_name = '" . str_replace("'", "&#39;", $add_products_name) . "',
                products_price = '" . $p_products_price . "',
                final_price = '" . ($p_products_price + $AddedOptionsPrice) . "',
                products_tax = '" . $ProductsTax . "',
                products_quantity = '" . $add_product_quantity . "'";
            tep_db_query($Query);
            $new_product_id = tep_db_insert_id();

  // Get Product Attribute Info

   if( (isset($add_product_options)) && (is_array($add_product_options)) ){

foreach($add_product_options as $attri_id => $attri_option_value_id){

//check for sub product
    $products_id_tmp = $add_product_products_id;
      if(tep_subproducts_parent($products_id_tmp)){
          $products_id_query = tep_subproducts_parent($products_id_tmp);
        }else{
          $products_id_query = $products_id_tmp;
        }


//get option type:
$attributes_type_query = tep_db_query("select pa.products_attributes_id, pa.options_values_id, po.options_type
          FROM
          " . TABLE_PRODUCTS_ATTRIBUTES . " pa,
          " . TABLE_PRODUCTS_OPTIONS . " po
        WHERE
        pa.products_id = '" . $products_id_query . "'
        and pa.products_attributes_id = '" . $attri_id. "'
        and po.products_options_id = pa.options_id" );

while ($attributes_type = tep_db_fetch_array($attributes_type_query)){
        $attributes_options_type = $attributes_type['options_type'];
}

// if drop down select
if($attributes_options_type == 0){
$attri_id = $attri_option_value_id ;
}

//echo '$attri_id ' . $attri_id ;
//echo  '$attri_option_value_id ' . $attri_option_value_id;
////echo '$attributes_options_type ' . $attributes_options_type;
//echo '<br>';

//check box array
if (is_array($attri_option_value_id)){
    $attri_option_value_id_tmp = $attri_option_value_id ;
   foreach($attri_option_value_id_tmp as $attri_option_id_tmp => $attri_option_value_id_tmp){
    $attri_option_id = $attri_option_id_tmp ;
    $attri_option_value_id= $attri_option_value_id_tmp;
   }

unset($attri_option_value_id);
 }
//intialize values
$option_is_text = 0;
$item_has_down = 0;
$query_products_options_values = '';
$products_options_values= '';


// check to see if there is a downloadable file
  if (DOWNLOAD_ENABLED ==  1) {
//check for downloads
     $attributes_download_query = tep_db_query("select pa.products_attributes_id, poval.products_options_values_id, pa.products_id, pa.options_id, pa.options_values_id, pa.options_values_price, pa.price_prefix, poptt.products_options_name, poval.products_options_values_name, pad.products_attributes_filename, pad.products_attributes_maxdays, pad.products_attributes_maxcount  FROM
     " . TABLE_PRODUCTS_OPTIONS . " popt,
     " . TABLE_PRODUCTS_OPTIONS_TEXT . " poptt,
     " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval,
     " . TABLE_PRODUCTS_ATTRIBUTES . " pa,
     " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
   WHERE
    pa.products_id = '" . $products_id_query . "'
    and pa.products_attributes_id = '" . $attri_id. "'
    and poptt.products_options_text_id = pa.options_id
    and poval.products_options_values_id =  pa.options_values_id
    and poptt.language_id = '" . (int)$languages_id . "'
    and poval.language_id = '" . (int)$languages_id . "'
   and pad.products_attributes_id = pa.products_attributes_id
  order by pa.products_options_sort_order
    limit 1");

 if (tep_db_num_rows($attributes_download_query)) {
   $item_has_down = '1';
   } // end if tep_db_num_rows
}// end if DOWNLOAD_ENABLED

//check for text
  if($attributes_options_type != '1' && $attributes_options_type != '4'){
    $query_products_options_values = $attri_option_value_id ;
    $option_is_text = 0 ;
  }else{
    if (!empty($attri_option_value_id)){
     $query_products_options_values = 0;
     $option_is_text = 1 ;
   }
  }

// get attibutes data
if ($item_has_down == '1')  {
  $attributes_query = tep_db_query("select pa.products_attributes_id, poval.products_options_values_id, pa.products_id, pa.options_id, pa.options_values_id, pa.options_values_price, pa.price_prefix, poptt.products_options_name, poval.products_options_values_name, pad.products_attributes_filename, pad.products_attributes_maxdays, pad.products_attributes_maxcount  FROM
  " . TABLE_PRODUCTS_OPTIONS . " popt,
  " . TABLE_PRODUCTS_OPTIONS_TEXT . " poptt,
  " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval,
  " . TABLE_PRODUCTS_ATTRIBUTES . " pa,
  " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
   WHERE
    pa.products_id = '" . $products_id_query . "'
    and pa.products_attributes_id = '" . $attri_id. "'
  and poptt.products_options_text_id = pa.options_id
  and poval.products_options_values_id =  pa.options_values_id
  and poptt.language_id = '" . (int)$languages_id . "'
  and poval.language_id = '" . (int)$languages_id . "'
  and pad.products_attributes_id = pa.products_attributes_id
  order by pa.products_options_sort_order
  limit 1
  ");
} else if (($item_has_down == '0') && ($option_is_text == 0)){
  $attributes_query = tep_db_query("select pa.products_attributes_id, poval.products_options_values_id, pa.products_id, pa.options_id, pa.options_values_id, pa.options_values_price, pa.price_prefix, poptt.products_options_name, poval.products_options_values_name from
  " . TABLE_PRODUCTS_OPTIONS . " popt,
  " . TABLE_PRODUCTS_OPTIONS_TEXT . " poptt,
  " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval,
  " . TABLE_PRODUCTS_ATTRIBUTES . " pa
where
    pa.products_id = '" . $products_id_query . "'
    and pa.products_attributes_id = '" . $attri_id. "'
  and poptt.products_options_text_id = pa.options_id
  and poval.products_options_values_id =  pa.options_values_id
  and poptt.language_id = '" . (int)$languages_id . "'
  and poval.language_id = '" . (int)$languages_id . "'
  order by pa.products_options_sort_order
  limit 1
  ");
   } else if ($option_is_text == 1){
  $attributes_query = tep_db_query("select poval.products_options_values_id, pa.products_attributes_id, pa.products_id, pa.options_id, pa.options_values_id, pa.options_values_price, pa.price_prefix, poptt.products_options_name  FROM
  " . TABLE_PRODUCTS_OPTIONS . " popt,
  " . TABLE_PRODUCTS_OPTIONS_TEXT . " poptt,
  " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval,
  " . TABLE_PRODUCTS_ATTRIBUTES . " pa
   WHERE
    pa.products_id = '" . $products_id_query . "'
    and pa.products_attributes_id = '" . $attri_id. "'
  and poptt.products_options_text_id = pa.options_id
  and poptt.language_id = '" . (int)$languages_id . "'
  order by pa.products_options_sort_order
  limit 1
  ");
    }

while  ($attributes = tep_db_fetch_array($attributes_query)){
  if($option_is_text == 1){
    $products_options_values = htmlentities(stripslashes($attri_option_value_id), ENT_QUOTES);
   }else{
    $products_options_values = $attributes['products_options_values_name'];
  }

  $pos_products_id = $new_product_id;
  $products_options = $attributes['products_options_name'];
  $options_values_price = $attributes['options_values_price'];
  $price_prefix = $attributes['price_prefix'];
  $products_options_id = $attributes['options_id'];
  $products_options_values_id = $attributes['options_values_id'];

//downloads
if ($item_has_down == '1') {
$poss_products_filename = $attributes['products_attributes_filename'];
$download_maxdays = $attributes['products_attributes_maxdays'];
$download_count = $attributes['products_attributes_maxcount'];
    }

//add attibute price to product price
 if ($price_prefix == '+'){
   $AddedOptionsPrice += $options_values_price;
  }else{
   $AddedOptionsPrice -= $options_values_price;
  }

// update final price
$product_price_update = tep_db_query("select final_price from
                             " . TABLE_POS_PRODUCTS . "
                            where
                            pos_id = $posID and
                            pos_products_id = $pos_products_id ");
  while  ($product_price_array_1 = tep_db_fetch_array($product_price_update)){
    $Query_final_price = "update " . TABLE_POS_PRODUCTS . " set
     final_price = '" . ($p_products_price + $AddedOptionsPrice) . "'
  where pos_id = $posID and pos_products_id = $pos_products_id ";
   tep_db_query($Query_final_price);
 }

if(isset($add_product_options)){
   $Query = "insert into " . TABLE_POS_PRODUCTS_ATTRIBUTES . " set
               pos_id = $posID,
               pos_products_id = $pos_products_id,
               products_options = '". $products_options . "',
               products_options_values = '" . $products_options_values . "',
               options_values_price = $options_values_price,
               price_prefix = '" . $price_prefix . "',
               products_options_id = '" . $products_options_id . "' ,
               products_options_values_id =  '" . $products_options_values_id . "' ";

  tep_db_query($Query);
 }

// add download insert
          if ((DOWNLOAD_ENABLED ==  1) && isset($poss_products_filename) && tep_not_null($poss_products_filename)) {
            $sql_data_array = array('pos_id' => $posID,
                                    'pos_products_id' => $new_product_id,
                                    'orders_products_filename' => $poss_products_filename,
                                    'download_maxdays' => $download_maxdays,
                                    'download_count' => $download_count);
            tep_db_perform(TABLE_POS_PRODUCTS_DOWNLOAD, $sql_data_array);
           }


       } // end while get option
     }
    }
//add product info
// recalculate totals
  //UPDATE_INVENTORY_QUANTITY_START##############################################################################################################
  tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = products_quantity - " . $add_product_quantity . ", products_ordered = products_ordered + " . $add_product_quantity . " where products_id = '" . $add_product_products_id . "'");
  //UPDATE_INVENTORY_QUANTITY_END##############################################################################################################
//end add product info

//get total of product using order class
      $pos = new pos($posID);
      $RunningSubTotal = 0;
      $RunningTax = 0;

      for ($i=0; $i<sizeof($pos->products); $i++)
      {
      $RunningSubTotal += ($pos->products[$i]['qty'] * $pos->products[$i]['final_price']);
     //tax caculated on a per product bases
      $RunningTax += (($pos->products[$i]['tax'] / 100) * ($pos->products[$i]['qty'] * $pos->products[$i]['final_price']));
      }
    //subtotal to total
       $RunningTotal = $RunningSubTotal;
    //add tax
       $RunningTotal += $RunningTax;

      // Calculate Tax and Sub-Totals
   // get exsisting order details so we can update them

            $totals_query_5 = tep_db_query("select title as ot_title, text as ot_text, value as ot_value, class as ot_class  from " . TABLE_POS_TOTAL . " where pos_id = '" . $posID . "' order by sort_order");
          while ($totals_1 = tep_db_fetch_array($totals_query_5)) {
            $totals_array[] = array('ot_title' => $totals_1['ot_title'],
                              'ot_text' => $totals_1['ot_text'],
                              'ot_value' => $totals_1['ot_value'],
                              'ot_class' => $totals_1['ot_class']);
          }
//parse array
  for ($i=0, $n=sizeof($totals_array); $i<$n; $i++) {
    $totals = $totals_array[$i];

       //add other order totals
          if ($totals['ot_class'] == "ot_shipping" || $totals['ot_class'] == "ot_custom" || $totals['ot_class'] == "ot_cod_fee") {
            // add ot_ items not already added
            $RunningTotal += $totals['ot_value'] / $pos->info['currency_value'];
       //deduct discounts
           } else if($totals['ot_class'] == "ot_coupon" ||$totals['ot_class'] == "ot_customer_discount" || $totals['ot_class'] == "ot_discount" || $totals['ot_class'] == "ot_gv" || $totals['ot_class'] == "ot_lev_discount" ){
          //subtract discounts
          $RunningTotal -= $totals['ot_value'] / $pos->info['currency_value'];
          }

      // Tax
      $Query = "update " . TABLE_POS_TOTAL . " set
        text = '\$" . number_format($RunningTax, 2, '.', ',') . "',
        value = '" . $RunningTax . "'
        where class='ot_tax' and pos_id=$posID";
      tep_db_query($Query);

      // Sub-Total
      $Query = "update " . TABLE_POS_TOTAL . " set
        text = '\$" . number_format($RunningSubTotal, 2, '.', ',') . "',
        value = '" . $RunningSubTotal . "'
        where class='ot_subtotal' and pos_id=$posID";
      tep_db_query($Query);

      $Query = "update " . TABLE_POS_TOTAL . " set
        text = '<b>\$" . number_format($RunningTotal, 2, '.', ',') . "</b>',
        value = '" . $RunningTotal . "'
        where class='ot_total' and pos_id=$posID";
      tep_db_query($Query);

  } //end of for
  tep_redirect(tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params(array('action')) . 'posID=' . $_GET['posID'] . '&action=edit', 'SSL'));
    }
  break;

// Remove CVV Number
    case 'deleteccinfo':
      $posID = (int)$_GET['posID'];
      tep_db_query("update " . TABLE_POS . " set cc_ccv = null where pos_id = '" . tep_db_input($posID) . "'");
      tep_db_query("update " . TABLE_POS . " set cc_number = '0000000000000000' where pos_id = '" . tep_db_input($posID) . "'");
      tep_db_query("update " . TABLE_POS . " set cc_expires = null where pos_id = '" . tep_db_input($posID) . "'");
      tep_db_query("update " . TABLE_POS . " set cc_start = null where pos_id = '" . tep_db_input($posID) . "'");
      tep_db_query("update " . TABLE_POS . " set cc_issue = null where pos_id = '" . tep_db_input($posID) . "'");

      tep_redirect(tep_href_link(FILENAME_CREATE_POS_ORDERS, 'posID=' . $posID . '&action=edit'));
      break;

    } //end action
  }// end action NUll

  if (($action == 'edit') && isset($_GET['posID'])) {
    $posID = (int)$_GET['posID'];

    $poss_query = tep_db_query("select pos_id from " . TABLE_POS . " where pos_id = '" . (int)$posID . "'");
    $pos_exists = 1;
    if (!tep_db_num_rows($poss_query)) {
      $pos_exists = 0;
      $messageStack->add('search', sprintf(ERROR_ORDER_DOES_NOT_EXIST, $posID), 'error');
    }
  }
//pre page display code

require('includes/classes/http_client.php');

require(DIR_WS_LANGUAGES . $language . '/' . 'pos_order.php');



// if no shipping destination address was selected, use the customers own address as default
if (!tep_session_is_registered('sendto')) {
tep_session_register('sendto');
$sendto = $customer_default_address_id;
} else {
// verify the selected shipping address
$check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'");
$check_address = tep_db_fetch_array($check_address_query);

if ($check_address['total'] != '1') {
$sendto = $customer_default_address_id;
if (tep_session_is_registered('shipping')) tep_session_unregister('shipping');
}
}
// if no billing destination address was selected, use the customers own address as default
if (!tep_session_is_registered('billto')) {
tep_session_register('billto');
$billto = $customer_default_address_id;
} else {
// verify the selected billing address
$check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'");
$check_address = tep_db_fetch_array($check_address_query);

if ($check_address['total'] != '1') {
$billto = $customer_default_address_id;
if (tep_session_is_registered('payment')) tep_session_unregister('payment');
}
}


//the next 4 lines are for ccgv
 require(DIR_WS_CLASSES . 'pos_order_total.php');

$pos_order_total_modules = new pos_order_total;
/*$pos_order_total_modules->collect_posts();
$pos_order_total_modules->pre_confirmation_check(); */

require(DIR_WS_CLASSES . 'pos_order.php');
$order = new pos;
require(DIR_WS_CLASSES . 'pos_payment.php');
$payment_modules = new payment;


$total_weight = $cart->show_weight();
$total_count = $cart->count_contents();


require(DIR_WS_CLASSES . 'shipping.php');
$shipping_modules = new shipping;
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($cart->count_contents() < 1) {
tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
}

// register a random ID in the session to check throughout the checkout procedure
// against alterations in the shopping cart contents
if (!tep_session_is_registered('cartID')) tep_session_register('cartID');
$cartID = $cart->cartID;

// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
if ($order->content_type == 'virtual') {
if (!tep_session_is_registered('shipping')) tep_session_register('shipping');
$shipping = false;
$sendto = false;
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
}
tep_session_unregister('billing');
tep_session_unregister('payment');
if (isset($_POST['payment'])) $payment = $_POST['payment'];
if (!tep_session_is_registered('payment')) tep_session_register('payment');



if($n==1){

if (isset($_POST['save_x'])){
$paynow=3;
}
if (isset($_POST['preview_x'])){
$paynow=5;
}


//i commented this out so payment is not required in this page and total can be accessed
/*if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
*/
tep_session_unregister('payment');
$payment_modules->update_status();
}
if (is_array($payment_modules->modules)) {
$payment_modules->pre_confirmation_check();
}
//}
while (list($key, $value) = each($_POST))
{
tep_session_register($key);
}
if ( defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && (MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') ) {
$pass = false;

switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
case 'national':
if ($order->delivery['country_id'] == STORE_COUNTRY) {
$pass = true;
}
break;
case 'international':
if ($order->delivery['country_id'] != STORE_COUNTRY) {
$pass = true;
}
break;
case 'both':
$pass = true;
break;
}

$free_shipping = false;
if ( ($pass == true) && ($order->info['total'] >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) ) {
$free_shipping = true;

include(DIR_WS_LANGUAGES . $language . '/modules/order_total/ot_shipping.php');
}
} else {
$free_shipping = false;
}

// process the selected shipping method
if ( isset($_POST['action']) && ($_POST['action'] == 'process') ) {
if (!tep_session_is_registered('comments')) tep_session_register('comments');
if (tep_not_null($_POST['comments'])) {
$comments = tep_db_prepare_input($_POST['comments']);
}

if (!tep_session_is_registered('shipping')) tep_session_register('shipping');

if ( (tep_count_shipping_modules() > 0) || ($free_shipping == true) ) {
if ( (isset($_POST['shipping'])) && (strpos($_POST['shipping'], '_')) ) {
$shipping = $_POST['shipping'];

list($module, $method) = explode('_', $shipping);
if ( is_object($$module) || ($shipping == 'free_free') ) {
if ($shipping == 'free_free') {
$quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE;
$quote[0]['methods'][0]['cost'] = '0';
} else {
$quote = $shipping_modules->quote($method, $module);
}
if (isset($quote['error'])) {
tep_session_unregister('shipping');
} else {
if ( (isset($quote[0]['methods'][0]['title'])) && (isset($quote[0]['methods'][0]['cost'])) ) {
$shipping = array('id' => $shipping,
'title' => (($free_shipping == true) ? $quote[0]['methods'][0]['title'] : $quote[0]['module'] . ' (' . $quote[0]['methods'][0]['title'] . ')'),
'cost' => $quote[0]['methods'][0]['cost']);

tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION,'paynow='.$paynow, 'SSL'));
}
}
} else {
tep_session_unregister('shipping');
}
}
} else {
$shipping = false;

tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'paynow='.$paynow, 'SSL'));
}
}

// get all available shipping quotes
$quotes = $shipping_modules->quote();

// if no shipping method has been selected, automatically select the cheapest method.
// if the modules status was changed when none were available, to save on implementing
// a javascript force-selection method, also automatically select the cheapest shipping
// method if more than one module is now enabled
if ( !tep_session_is_registered('shipping') || ( tep_session_is_registered('shipping') && ($shipping == false) && (tep_count_shipping_modules() > 1) ) ) $shipping = $shipping_modules->cheapest();
require(DIR_WS_LANGUAGES . $language . '/' . pos_checkout_shipping.php);
require(DIR_WS_LANGUAGES . $language . '/' . 'pos_checkout_payment.php');


?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script type="text/javascript" src="includes/menu.js"></script>
<script type="text/javascript" src="includes/general.js"></script>
<script type="text/javascript"><!--
function popupWindow(url) {
  window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=650,height=500,screenX=150,screenY=150,top=150,left=150')
}
//--></script>
</head>
<body bgcolor="#FFFFFF">
<!-- header //-->
<?php
  require(DIR_WS_INCLUDES . 'header.php');
?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php

//   $pos = new pos($posID);

  if ($action == 'edit')  {
  if (tep_not_null($posID) ){
   $pos = new pos($posID);
   }
?>

<!-- Begin Addresses Block -->
      <tr>
  <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
    <tr>
      <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
    </tr>
    <tr>
      <td valign="top">
      <!-- Customer Info Block -->
    <table border="0" cellspacing="0" cellpadding="2">
    <td colspan='4' class="main" valign="top">
    <?php echo 'Temp Order id: ' . $posID ; ?>
    </td>
    </tr>
    <tr>
    <td colspan='4' class="main" valign="top">
    <?php echo tep_draw_form('edit_order', FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params(array('action','paycc'), 'post', '', 'SSL') . 'action=update_order', 'post', '', 'SSL'); ?>

        <?php echo '<a href="' . tep_href_link(FILENAME_ADD_CUSTOMER, 'posID=' . $_GET['posID'] . '&action=addnew') . '">' . tep_image_button('button_add_customer.gif', 'Add Customer') . '&nbsp;</a>' ;?>
	    <?php echo '<a href="' . tep_href_link(FILENAME_FIND_CUSTOMER, 'posID=' . $_GET['posID'] . '&action=find') . '">' . tep_image_button('button_find_customer.gif', 'Find Customer ID') . '&nbsp;</a>';?>
        <?php echo '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, 'action=start_order') . '">' . tep_image_button('button_start_order.gif', 'Start a New Sale') . '&nbsp;</a>';?>
   </form>
    <?php echo tep_draw_form('edit_order', FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params(array('action','paycc'), 'post', '', 'SSL') . 'action=update_order', 'post', '', 'SSL'); ?>
     </td>

    <tr>
    <td colspan='2' class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b>  </td>
    <td colspan='2' class="main" valign="top"><b><?php echo ENTRY_BILLING_ADDRESS; ?></b></td>
    </tr>
    <tr>
    <td colspan='2' class="main">
    <table border="0" cellspacing="0" cellpadding="2" class="infoBox">
      <tr>
      <td class="editOrder"><b><?php echo ENTRY_NAME ?></b></font></td>
      <td><input name='update_customer_name' size='37' value='<?php echo tep_html_quotes($pos->customer['name']); ?>'></td>
      </tr>
      <tr>
       <td  class="editOrder"><?php echo TABLE_HEADING_CUSTOMER_ID ?>  </td>
       <td><?php
       if ( $pos->customer['id'] == 0 ) {
       echo TABLE_HEADING_PWA ;
       }else{
       echo $pos->customer['id'];
       }
       ;?>  </td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_COMPANY ?></b></font></td>
        <td><input name='update_customer_company' size='37' value='<?php echo tep_html_quotes($pos->customer['company']); ?>'></td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_CUSTOMER_ADDRESS ?></b></font></td>
        <td><input name='update_customer_street_address' size='37' value='<?php echo tep_html_quotes($pos->customer['street_address']); ?>'></td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_SUBURB ?></b></font></td>
        <td><input name='update_customer_suburb' size='37' value='<?php echo tep_html_quotes($pos->customer['suburb']); ?>'></td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_CITY ?></b></font></td>
        <td><input name='update_customer_city' size='15' value='<?php echo tep_html_quotes($pos->customer['city']); ?>'> </td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_STATE ?></b></font></td>
        <td><input name='update_customer_state' size='15' value='<?php echo tep_html_quotes($pos->customer['state']); ?>'> </td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_POST_CODE ?></b></font></td>
        <td><input name='update_customer_postcode' size='5' value='<?php echo $pos->customer['postcode']; ?>'></td>
      </tr>
      <tr>
        <td class="editOrder"><b><?php echo ENTRY_COUNTRY ?></b></font></td>
        <td><input name='update_customer_country' size='37' value='<?php echo tep_html_quotes($pos->customer['country']); ?>'></td>
      </tr>
     </table>
    </td>


<?php if($SeparateBillingFields) { ?>
      <td>
       <!-- Billing Address Block -->
       <table border="0" cellspacing="0" cellpadding="2">

      <tr>
        <td colspan='2' class="main">
          <table border="0" cellspacing="0" cellpadding="2" class="infoBox">
          <tr>
            <td class="editOrder"><b><?php echo ENTRY_NAME ?></b></font></td>
              <td><input name='update_billing_name' size='37' value='<?php echo tep_html_quotes($pos->billing['name']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_COMPANY ?></b></font></td>
              <td><input name='update_billing_company' size='37' value='<?php echo tep_html_quotes($pos->billing['company']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_CUSTOMER_ADDRESS ?></b></font></td>
              <td><input name='update_billing_street_address' size='37' value='<?php echo tep_html_quotes($pos->billing['street_address']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_SUBURB ?></b></font></td>
              <td><input name='update_billing_suburb' size='37' value='<?php echo tep_html_quotes($pos->billing['suburb']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_CITY ?></b></font></td>
              <td><input name='update_billing_city' size='15' value='<?php echo tep_html_quotes($pos->billing['city']); ?>'> </td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_STATE ?></b></font></td>
              <td><input name='update_billing_state' size='15' value='<?php echo tep_html_quotes($pos->billing['state']); ?>'> </td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_POST_CODE ?></b></font></td>
              <td><input name='update_billing_postcode' size='5' value='<?php echo $pos->billing['postcode']; ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_COUNTRY ?></b></font></td>
              <td><input name='update_billing_country' size='37' value='<?php echo tep_html_quotes($pos->billing['country']); ?>'></td>
            </tr>
          </table>
        </td>
      </tr>
    </table>
      </td>
<?php } ?>

    </tr>
    </table>
      </td>

      <td valign="top">
      <!-- Shipping Address Block -->
    <table border="0" cellspacing="0" cellpadding="2">
      <tr>
        <td class="main" valign="top"><b><?php echo ENTRY_SHIPPING_ADDRESS; ?></b></td>
      </tr>
      <tr>
        <td colspan='1' class="main">
          <table border="0" cellspacing="0" cellpadding="2" class="infoBox">
          <tr>
            <td class="editOrder"><b><?php echo ENTRY_NAME ?></b></font></td>
              <td><input name='update_delivery_name' size='37' value='<?php echo tep_html_quotes($pos->delivery['name']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_COMPANY ?></b></font></td>
              <td><input name='update_delivery_company' size='37' value='<?php echo tep_html_quotes($pos->delivery['company']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_CUSTOMER_ADDRESS ?></b></font></td>
              <td><input name='update_delivery_street_address' size='37' value='<?php echo tep_html_quotes($pos->delivery['street_address']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_SUBURB ?></b></font></td>
              <td><input name='update_delivery_suburb' size='37' value='<?php echo tep_html_quotes($pos->delivery['suburb']); ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_CITY ?></b></font></td>
              <td><input name='update_delivery_city' size='15' value='<?php echo tep_html_quotes($pos->delivery['city']); ?>'> </td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_STATE ?></b></font></td>
              <td><input name='update_delivery_state' size='15' value='<?php echo tep_html_quotes($pos->delivery['state']); ?>'> </td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_POST_CODE ?></b></font></td>
              <td><input name='update_delivery_postcode' size='5' value='<?php echo $pos->delivery['postcode']; ?>'></td>
            </tr>
            <tr>
              <td class="editOrder"><b><?php echo ENTRY_COUNTRY ?></b></font></td>
              <td><input name='update_delivery_country' size='37' value='<?php echo tep_html_quotes($pos->delivery['country']); ?>'></td>
            </tr>
          </table>
        </td>
        <td class="main" align="center" valign="middle">
          <font size="2" face="Arial,Helvetica,Geneva,Swiss,SunSans-Regular" color="red"><b><?php echo HEADING_INSTRUCT1 ?></b></font><br><br>
          <?php echo HEADING_INSTRUCT2 ?>

        </td>
       </tr>
      </table>
      </td>
    </tr>
  </table></td>
      </tr>
<!-- End Addresses Block -->

      <tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>

<!-- Begin Phone/Email Block -->
      <tr>
        <td><table border="0" cellspacing="0" cellpadding="2" class="infoBox">
          <tr>
            <td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td>
            <td class="main"><input name='update_customer_telephone' size='15' value='<?php echo $pos->customer['telephone']; ?>'></td>
          </tr>
          <tr>
            <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td>
            <td class="main"><input name='update_customer_email_address' size='35' value='<?php echo $pos->customer['email_address']; ?>'></td>
          </tr>
        </table></td>
      </tr>
<!-- End Phone/Email Block -->

      <tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
<!-- Begin Products Listing Block -->
      <tr>
  <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
    <tr class="dataTableHeadingRow">
      <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
      <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
      <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_TAX; ?></td>
      <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_BASE_PRICE; ?></td>
      <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_UNIT_PRICE; ?></td>
      <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_PRICE; ?></td>
<?php
  if ( DISPLAY_PRICE_WITH_TAX == 'true'){
    echo  '<td class="dataTableHeadingContent" align="right">' . TABLE_HEADING_TOTAL_PRICE_TAXED . '</td>';
    }
;?>
  </tr>

  <!-- Begin Products Listings Block -->
  <?php
        // Override order.php Class's Field Limitations
    $index = 0;
    $pos->products = array();
    $poss_products_query = tep_db_query("select * from " . TABLE_POS_PRODUCTS . " where pos_id = '" . (int)$posID . "'");
    while ($poss_products = tep_db_fetch_array($poss_products_query)) {
    $pos->products[$index] = array('qty' => $poss_products['products_quantity'],
                                        'name' => str_replace("'", "&#39;", $poss_products['products_name']),
                                        'model' => $poss_products['products_model'],
                                        'tax' => $poss_products['products_tax'],
                                        'price' => $poss_products['products_price'],
                                        'final_price' => $poss_products['final_price'],
                                        'pos_products_id' => $poss_products['pos_products_id']);

    $subindex = 0;
    $attributes_query_string = "select * from " . TABLE_POS_PRODUCTS_ATTRIBUTES . " where pos_id = '" . (int)$posID . "' and pos_products_id = '" . (int)$poss_products['pos_products_id'] . "'";
    $attributes_query = tep_db_query($attributes_query_string);

    if (tep_db_num_rows($attributes_query)) {
    while ($attributes = tep_db_fetch_array($attributes_query)) {
      $pos->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'],
                                                               'value' => $attributes['products_options_values'],
                                                               'prefix' => $attributes['price_prefix'],
                                                               'price' => $attributes['options_values_price'],
                                                               'orders_products_attributes_id' => $attributes['orders_products_attributes_id']);
    $subindex++;
    }
    }
    $index++;
    }

  for ($i=0; $i<sizeof($pos->products); $i++) {
    $pos_products_id = $pos->products[$i]['pos_products_id'];

    $RowStyle = "dataTableContent";

    echo '    <tr class="dataTableRow">' . "\n" ;
 if (ORDER_EDIT_EDT_PRICE == '1'){
   echo   '      <td class="' . $RowStyle . '" valign="top" align="right">' . "<input name='update_products[$pos_products_id][qty]' type='input' size='2' value='" . $pos->products[$i]['qty'] . "'>&nbsp;x</td>\n" .
          '      <td class="' . $RowStyle . '" valign="top">' . "<input name='update_products[$pos_products_id][name]' type='input' size='25' value='" . $pos->products[$i]['name'] . "'>";
  }else{
   echo   '      <td class="' . $RowStyle . '" valign="top" align="right">' . "<input name='update_products[$pos_products_id][qty]' size='2' value='" . $pos->products[$i]['qty'] . "'>&nbsp;x</td>\n" .
        '      <td class="' . $RowStyle . '" valign="top">' . $pos->products[$i]['name'] . "<input name='update_products[$pos_products_id][name]' type='hidden' size='25' value='" . $pos->products[$i]['name'] . "'>";
}
    // Has Attributes?
   if (isset($pos->products[$i]['attributes'])){
    if (sizeof($pos->products[$i]['attributes']) > 0) {
      for ($j=0; $j<sizeof($pos->products[$i]['attributes']); $j++) {
        $poss_products_attributes_id = $pos->products[$i]['attributes'][$j]['orders_products_attributes_id'];
        echo '<br><small>&nbsp;<i> - ' . $pos->products[$i]['attributes'][$j]['option'] . ' : ' . $pos->products[$i]['attributes'][$j]['value'] . ' ' . $pos->products[$i]['attributes'][$j]['prefix'] . ' ' . $currencies->format($pos->products[$i]['attributes'][$j]['price']) ;
        echo '</i></small>';
      }
    }
  }
if (ORDER_EDIT_EDT_PRICE == '1'){
  $edit_price =   ('      <td class="' . $RowStyle . '" align="right" valign="top">' . "<input name='update_products[$pos_products_id][final_price]' size='5' value='" . number_format($pos->products[$i]['final_price'], 2, '.', '') . "'>" . '</td>');


} else {
  $edit_price =   ('      <td class="' . $RowStyle . '" align="right" valign="top">' . $currencies->format($pos->products[$i]['final_price'], 1, $pos->info['currency'], $pos->info['currency_value']) . "<input name='update_products[$pos_products_id][final_price]' type='hidden' size='5' value='" . number_format($pos->products[$i]['final_price'], 2, '.', '') . "'>" . '</td>' );
}

    echo '      </td>' . "\n" .
         '      <td class="' . $RowStyle . '" valign="top">' . $pos->products[$i]['model'] . "<input name='update_products[$pos_products_id][model]' type='hidden' size='12' value='" . $pos->products[$i]['model'] . "'>" . '</td>' . "\n" .
         '      <td class="' . $RowStyle . '" align="center" valign="top">' . "<input name='update_products[$pos_products_id][tax]' size='3' value='" . tep_display_tax_value($pos->products[$i]['tax']) . "'>" . '</td>' . "\n" .
         '      <td class="' . $RowStyle . '" align="right" valign="top">' . $currencies->format($pos->products[$i]['price'], 1, $pos->info['currency'], $pos->info['currency_value']). "<input name='update_products[$pos_products_id][price]' type='hidden' size='5' value='" . number_format($pos->products[$i]['price'], 2, '.', '') . "'>" . '</td>' . "\n" .
         $edit_price . "\n" .
         '      <td class="' . $RowStyle . '" align="right" valign="top">' . $currencies->format($pos->products[$i]['final_price'] * $pos->products[$i]['qty'], 1, $pos->info['currency'], $pos->info['currency_value']) . '</td>' . "\n" ;
     if ( DISPLAY_PRICE_WITH_TAX == 'true'){
    echo '      <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($pos->products[$i]['final_price'], $pos->products[$i]['tax']) * $pos->products[$i]['qty'], 1, $pos->info['currency'], $pos->info['currency_value']) . '</b></td>' . "\n";
      }
    echo '    </tr>' . "\n";
  }
  ?>
  </tr>
          <td align='center' valign='top'><br><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, 'posID=' . $_GET['posID'] . '&action=add_product&step=1') . '">'. tep_image_button('button_add_product.gif', 'Add a product') . '&nbsp;</a></td>' ;?>

  <tr>
        </table></td>
    </tr>
  <!-- End Products Listings Block -->
        <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
        </tr>

<!-- Begin Payment Block -->
  <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
    <tr>
      <td>
      Payment
      </td>
     </tr>
    <tr>
        <td>        <table border="0" cellspacing="0" cellpadding="2" class="infoBox">
          <tr valine="left">

             <td class="main"><b><?php echo ENTRY_PAYMENT_METHOD; ?></b></td>
            <?php
            //list exsisting payment if not in current order_pay_methods table
            $poss_pay_methodA[] = array('id'   => $pos->info['payment_method'],
                                                          'text' => $pos->info['payment_method']);
            $poss_pay_method1 = array_merge($poss_pay_methodA, $poss_pay_method) ;
            ?>
            <td class="main"><?php echo tep_draw_pull_down_menu('update_info_payment_method', $poss_pay_method1, $pos->info['payment_method']); ?>
              <?php
              echo tep_image_submit('button_update.gif', IMAGE_UPDATE);
              if($pos->info['payment_method'] != "Credit Card") {
                echo TEXT_VIEW_CC;
              }
              if($pos->info['payment_method'] != "Purchase Order") {
                echo TEXT_VIEW_PO;
              }
               ?>
             </td>
           </tr>
  <?php if ($pos->info['cc_type'] || $pos->info['cc_owner'] || $pos->info['payment_method'] == "Credit Card" || $pos->info['cc_number']) { ?>
    <!-- Begin Credit Card Info Block -->
    <tr>
      <td colspan="3"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
    </tr>
    <tr>
      <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
      <td class="main"><input name='update_info_cc_type' size='10' value='<?php echo $pos->info['cc_type']; ?>'></td>
    </tr>
    <tr>
      <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
      <td class="main"><input name='update_info_cc_owner' size='20' value='<?php echo $pos->info['cc_owner']; ?>'></td>
    </tr>
    <tr>
<?php
unset ($cc_number7) ;

                   if ( ($pos->info['cc_number'] == '' ) || ((PAYMENT_CC_CRYPT == 'True') && (ereg ("([0-9]{6})", $pos->info['cc_number'])) && !($pos->info['cc_number'] == '0000000000000000') )) {
                 $cc_number7 = $pos->info['cc_number'];
                 $text_encypt3 = TEXT_CARD_NOT_ENCRPYT ;

              }else if ( (PAYMENT_CC_CRYPT == 'True') && !(ereg ("([0-9]{6})", $pos->info['cc_number']) ) ) {
           $cc_number7 = cc_decrypt($pos->info['cc_number']);
           $text_encypt3= TEXT_CARD_ENCRPYT;

          }else if($pos->info['cc_number'] == '0000000000000000') {
            $cc_number7 = $pos->info['cc_number'];
          $text_encypt3= TEXT_CCV_REMOVED;

           }else{
            $cc_number7 = $pos->info['cc_number'];
            $text_encypt3 = TEXT_CARD_NOT_ENCRPYT ;
                  }
                  ?>
            <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
      <td class="main"><input name='update_info_cc_number' size='20' value='<?php echo $cc_number7; ?>'></td>
            <td class="main"><?php echo $text_encypt3 ; ?></td>
          </tr>
          <tr>
       <?php
                   if ( ($pos->info['cc_expires'] == '' ) || ( (PAYMENT_CC_CRYPT == 'True') && (ereg ("([0-9]{4})", $pos->info['cc_expires'])) ) ){
                 $cc_expires7 = $pos->info['cc_expires'];
                 $text_encypt4 = TEXT_EXPIRES_NOT_ENCRPYT ;

              }else if ( (PAYMENT_CC_CRYPT == 'True') && !(ereg ("([0-9]{4})", $pos->info['cc_expires'])) && !($pos->info['cc_expires'] == '')  ) {
           $cc_expires7 = cc_decrypt($pos->info['cc_expires']);
           $text_encypt4= TEXT_EXPIRES_ENCRPYT;

          }else if($pos->info['cc_expires'] == '') {
           $cc_expires7 = $pos->info['cc_expires'];
           $text_encypt4 =  TEXT_EXPIRES_REMOVED ;

              }else{
           $cc_expires7 =$pos->info['cc_expires'];
           $text_encypt4 =  TEXT_EXPIRES_NOT_ENCRPYT ;
                  }
                  ?>

            <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
      <td class="main"><input name='update_info_cc_expires' size='4' value='<?php echo $cc_expires7; ?>' maxlength="5" /></td>
            <td class="main"><?php echo $text_encypt4; ?></td>

          </tr>
                    <tr>
           <?php
                         if ( ($pos->info['cc_ccv'] == '' ) || ((PAYMENT_CC_CRYPT == 'True') && (ereg ("([0-9]{3})", $pos->info['cc_ccv'])) ) ){
                     $cc_ccv7 = $pos->info['cc_ccv'];
                     $text_encypt5 = TEXT_CCV_NOT_ENCRPYT ;

                  }else if ( (PAYMENT_CC_CRYPT == 'True') &&  !(ereg ("([0-9]{3})", $pos->info['cc_ccv'])) && !($pos->info['cc_ccv'] == '')  ) {
               $cc_ccv7 = cc_decrypt($pos->info['cc_ccv']);
               $text_encypt5= TEXT_CCV_ENCRPYT;

              }else if($pos->info['cc_ccv'] == '') {
               $cc_ccv7 = $pos->info['cc_ccv'];
           $text_encypt5= TEXT_CCV_REMOVED;

              }else {
               $cc_ccv7 =$pos->info['cc_ccv'];
               $text_encypt5=  TEXT_CCV_NOT_ENCRPYT;
                      }
                      ?>

                <td class="main"><?php echo ENTRY_CREDIT_CARD_CCV; ?></td>
                <td class="main"><input name='update_info_cc_ccv' size='4' value='<?php echo $cc_ccv7; ?>' maxlength="4" /></td>
                <td class="main"><?php echo $text_encypt5; ?></td>
              </tr>
              <tr>
            <td class="main"><?php echo ENTRY_CREDIT_CARD_START_DATE; ?></td>
            <td class="main" colspan="2"><input name='update_info_cc_start' size='4' value='<?php echo $pos->info['cc_start']; ?>'></td>
          </tr>
          <tr>
            <td class="main"><?php echo ENTRY_CREDIT_CARD_ISSUE; ?></td>
            <td class="main" colspan="2"><input name='update_info_cc_issue' size='4' value='<?php echo $pos->info['cc_issue']; ?>'></td>
          </tr>
          <!-- End Credit Card Info Block -->
            <?php
           } else if( ((isset($pos->info['account_name']) && $pos->info['account_name']) || (isset($pos->info['account_number']) && $pos->info['account_number']) || (isset($pos->info['payment_method']) && ($pos->info['payment_method']) == "Purchase Order")|| (isset($pos->info['po_number']) && $pos->info['po_number'])) ) {
            ?>
    <tr>
          <td colspan="3"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
    </tr>
    <tr>
    <td class="main" valign="top" align="left"><b><?php echo TEXT_INFO_PO ?></b></td>
    <td>
    <table border="0" cellspacing="0" cellpadding="2">
    <tr>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><?php echo TEXT_INFO_NAME ?></td>
      <td><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><input type="text" name="account_name" value='<?php echo (isset($pos->info['account_name']) ? $pos->info['account_name'] : ''); ?>'></td></td>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
    </tr>
    <tr>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><?php echo TEXT_INFO_AC_NR ?></td>
      <td><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><input type="text" name="account_number" value='<?php echo (isset($pos->info['account_number']) ? $pos->info['account_number'] : ''); ?>'></td>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
    </tr>
    <tr>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><?php echo TEXT_INFO_PO_NR ?></td>
      <td><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
      <td class="main"><input type="text" name="po_number" value='<?php echo (isset($pos->info['po_number']) ? $pos->info['po_number'] : ''); ?>'></td>
      <td width="10"><img src="images/pixel_trans.gif" border="0" alt="" width="10" height="1"></td>
                </tr>
              </table></td>
            </tr>
             <?php
          }

      ?>
      </table></td>
    </tr>
    <!-- End Payment Block -->
    <tr>
      <td colspan="3"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
    </tr>

     <!-- begin Shipping Block -->
    <tr>
      <td align="right">
        <table border="0" cellspacing="0" cellpadding="2" width="100%">
        <tr>
        <td align='leftt'>

      Shipping block
        </td>
        </tr>

       </table></td>
    </tr>

       <!-- End SHipping Block -->

    <tr>
      <td colspan="3"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
    </tr>

  <!-- Begin Order Total Block -->
    <tr>
      <td align="right" colspan="8">
        <table border="0" cellspacing="0" cellpadding="2" width="100%">
        <tr>
        <td align='right'>
        <table border="0" cellspacing="0" cellpadding="2">
<?php

        // Override order.php Class's Field Limitations
    $totals_query = tep_db_query("select * from " . TABLE_POS_TOTAL . " where pos_id = '" . (int)$posID . "' order by sort_order");
    $pos->totals = array();
    while ($totals = tep_db_fetch_array($totals_query)) { $pos->totals[] = array('title' => $totals['title'], 'text' => $totals['text'], 'class' => $totals['class'], 'value' => $totals['value'], 'orders_total_id' => $totals['orders_total_id']); }

  $TotalsArray = array();
  for ($i=0; $i<sizeof($pos->totals); $i++) {
    $TotalsArray[] = array("Name" => $pos->totals[$i]['title'], "Price" => number_format($pos->totals[$i]['value'], 2, '.', ''), "Class" => $pos->totals[$i]['class'], "TotalID" => $pos->totals[$i]['orders_total_id']);
    $TotalsArray[] = array("Name" => "          ", "Price" => "", "Class" => "ot_custom", "TotalID" => "0");
  }

  array_pop($TotalsArray);
  foreach($TotalsArray as $TotalIndex => $TotalDetails)
  {
    $TotalStyle = "smallText";
    if(($TotalDetails["Class"] == "ot_subtotal") || ($TotalDetails["Class"] == "ot_total"))
    {
      echo  '       <tr>' . "\n" .
        '   <td class="main" align="right"><b>' . $TotalDetails["Name"] . '</b></td>' .
        '   <td class="main" align="right"><b>' . $TotalDetails["Price"] .
            "<input name='update_totals[$TotalIndex][title]' type='hidden' value='" . trim($TotalDetails["Name"]) . "' >" .
            "<input name='update_totals[$TotalIndex][value]' type='hidden' value='" . $TotalDetails["Price"] . "' size='6' >" .
            "<input name='update_totals[$TotalIndex][class]' type='hidden' value='" . $TotalDetails["Class"] . "'>\n" .
            "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" . '</b></td>' .
        '       </tr>' . "\n";
    }
    elseif($TotalDetails["Class"] == "ot_customer_discount")
        {
          echo  '       <tr>' . "\n" .
            '   <td class="main" align="right"><font color="#FF0000">' . ENTRY_CUSTOMER_DISCOUNT . '<b>' . $TotalDetails["Name"] . '</b></font></td>' .
            '   <td align="right" SPAN class="' . $TotalStyle . '">' . "<input name='update_totals[$TotalIndex][value]' size='6' value=' " . $TotalDetails["Price"] . "'></SPAN>" .
                "<input name='update_totals[$TotalIndex][title]' type='hidden' value='" . trim($TotalDetails["Name"]) . "' >" .
                "<input name='update_totals[$TotalIndex][class]' type='hidden' value='" . $TotalDetails["Class"] . "'>\n" .
                "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" . '</b></td>' .
            '       </tr>' . "\n";
    }
//discounts
    elseif(($TotalDetails["Class"] == "ot_gv") || ($TotalDetails["Class"] == "ot_coupon"))
        {
          echo  '       <tr>' . "\n" .
            '   <td class="main" align="right">' . ENTRY_CUSTOMER_GV . '<b>' . $TotalDetails["Name"] . '</b></td>' .
            '   <td align="right" class="' . $TotalStyle . '">' . "<input name='update_totals[$TotalIndex][value]' size='6' value=' " . $TotalDetails["Price"] . "'>" .
                "<input name='update_totals[$TotalIndex][title]' type='hidden' value='" . trim($TotalDetails["Name"]) . "' >" .
                "<input name='update_totals[$TotalIndex][class]' type='hidden' value='" . $TotalDetails["Class"] . "'>\n" .
                "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" . '</b></td>' .
            '       </tr>' . "\n";
    }
    elseif($TotalDetails["Class"] == "ot_tax")
 //taxes
    {
      echo  '       <tr>' . "\n" .
        '   <td class="main" align="right"><b>' . $TotalDetails["Name"] . '</b></td>' .
        '   <td class="main" align="right"><b>' . $TotalDetails["Price"] .
            "<input name='update_totals[$TotalIndex][title]' type='hidden' value='" . trim($TotalDetails["Name"]) . "' >" .
            "<input name='update_totals[$TotalIndex][value]' type='hidden' value='" . $TotalDetails["Price"] . "' size='6' >" .
            "<input name='update_totals[$TotalIndex][class]' type='hidden' value='" . $TotalDetails["Class"] . "'>\n" .
            "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" . '</b></td>' .
        '       </tr>' . "\n";
    }
        //  Shipping
    elseif($TotalDetails["Class"] == "ot_shipping")
    {
      //list exsisting shipping if not in current order_ship_meahtods table
           $poss_ship_methodA[] = array('id'   => $TotalDetails["Name"],
                                                    'text' => $TotalDetails["Name"]);

                  //  $poss_ship_method1 = array_merge($poss_ship_method, $poss_ship_methodA) ;
                  // check to see if meathod in totals  is in same as in order_ship_meahtods table
                          // if 0 merge if 1 dont merge

                         $poss_ship_method1 = array_merge($poss_ship_methodA, $poss_ship_method) ;


      echo  ' <tr>' . "\n" .
          '       <td align="right" class="' . $TotalStyle . '"><b><?php echo HEADING_SHIPPING ?></b>' . tep_draw_pull_down_menu('update_totals[$TotalIndex][title]', $poss_ship_method1, $TotalDetails["Name"]) . '</td>' . "\n";
      echo  ' <td align="right" class="' . $TotalStyle . '">' . "<input name='update_totals[$TotalIndex][value]' size='6' value='" . $TotalDetails["Price"] . "'>" .
            "<input type='hidden' name='update_totals[$TotalIndex][class]' value='" . $TotalDetails["Class"] . "'>" .
            "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" . '</td>' .
        '       </tr>' . "\n";
    }
    // End Shipping
    else
    {
      echo  '       <tr>' . "\n" .
          '   <td class="main" align="right"><b>' . $TotalDetails["Name"] . '</b></td>' .
        '   <td align="right" class="' . $TotalStyle . '">' . "<input type='hidden' name='update_totals[$TotalIndex][value]' size='6' value='" . $TotalDetails["Price"] . "'>" .
            "<input type='hidden' name='update_totals[$TotalIndex][title]' value='" . trim($TotalDetails["Name"]) . "' >" .
            "<input type='hidden' name='update_totals[$TotalIndex][class]' value='" . $TotalDetails["Class"] . "'>" .
            "<input type='hidden' name='update_totals[$TotalIndex][total_id]' value='" . $TotalDetails["TotalID"] . "'>" .
            '</td>' . "\n" .
        '       </tr>' . "\n";
    }
  }
?>
        </table>
        </td>
        </tr>
        </table>
      </td>
    </tr>
  <!-- End Order Total Block -->

  </table></td>
      </tr>

      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
  <!-- status block -->
      <tr>
        <td class="main"><br><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
      </tr>
      <tr>
        <td class="main">
<?php
            echo tep_draw_textarea_field('comments', 'soft', '60', '5');
?>
        </td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
      <tr>
 <!-- status block -->

      <tr>
  <td colspan="3" align="right">
  <?php echo '<a href="' . tep_href_link(FILENAME_POS_ORDERS_PROCESS, 'posID=' . $_GET['posID'] . '&action=process') . '">' . tep_image_button('button_removeccinfo.gif', 'Confirm Order') .
  '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, 'posID=' . $_GET['posID'] . '&action=deleteccinfo') . '">' . tep_image_button('button_removeccinfo.gif', 'RemoveCVV') .
  '&nbsp;</a>' . tep_image_submit('button_update.gif', IMAGE_UPDATE) . '&nbsp;<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')),  'SSL') . '">' .
  tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?>


  </td>
  </tr>
  <tr>
  <td colspan="3" align="right"><?php
    if (isset($_GET[tep_session_name()])) {
      $oscid = '&' . tep_session_name() . '=' . $_GET[tep_session_name()];
    } else {
      $oscid = '';
    }
    echo ' </a> <a href="javascript:popupWindow(\'' .  (HTTP_SERVER . DIR_WS_ADMIN . FILENAME_ORDERS_INVOICE) . '?' . (tep_get_all_get_params(array('posID')) . 'posID=' . $_GET['posID']) . $oscid . '\')">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a><a href="javascript:popupWindow(\'' .  (HTTP_SERVER . DIR_WS_ADMIN . FILENAME_ORDERS_PACKINGSLIP) . '?' . (tep_get_all_get_params(array('posID')) . 'posID=' . $_GET['posID']) . $oscid . '\')">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a>'; ?></td>



    </tr>
      </form>
<?php
  }
//************************************************** add product ****************************
if($action == "add_product")
{

    if (isset($_GET['add_product_categories_id'])) {
      $add_product_categories_id = $_GET['add_product_categories_id'] ;
    }else if (isset($_POST['add_product_categories_id'])){
      $add_product_categories_id = $_POST['add_product_categories_id'] ;
    } else {
      $add_product_categories_id  = '' ;
    }

    if (isset($_GET['add_product_products_id'])) {
      $add_product_products_id = $_GET['add_product_products_id'] ;
    }else if (isset($_POST['add_product_products_id'])){
      $add_product_products_id = $_POST['add_product_products_id'] ;
    } else {
      $add_product_products_id  = '' ;
    }
  $customer_id = $pos->customer['id'];
   //gets customer group ID
?>
      <tr>
        <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo ADDING_TITLE; ?> #<?php echo $posID; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
            <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action', 'add_product')), 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
          </tr>
        </table></td>
      </tr>

<?php
  // ############################################################################
  //   Get List of All Products
  // ############################################################################
  $parent_ids = array();
  $parent_query = tep_db_query("SELECT DISTINCT products_parent_id
                                FROM " . TABLE_PRODUCTS . "
                                WHERE products_parent_id <> 0");
  while($parent = tep_db_fetch_array($parent_query)) {
    $parent_ids[$parent['products_parent_id']] = 1;
  }
  ksort($parent_ids);

    $result = tep_db_query("SELECT
     pd.products_name,
     p.products_id,
     cd.categories_name,
     ptc.categories_id
    FROM " . TABLE_PRODUCTS . " p,
         " . TABLE_PRODUCTS_DESCRIPTION . " pd,
         " . TABLE_PRODUCTS_TO_CATEGORIES . " ptc,
         " . TABLE_CATEGORIES_DESCRIPTION . " cd
    where cd.categories_id=ptc.categories_id
     and ptc.products_id=p.products_id
     and (p.products_status = '1'
     or (p.products_status <> '1' and p.products_parent_id <> 0))
     and p.products_id=pd.products_id
     and pd.language_id = '" . (int)$languages_id . "'
                            and cd.language_id = '" . (int)$languages_id . "'
    ORDER BY cd.categories_name");
    while($row = tep_db_fetch_array($result))
    {
//      if (tep_db_num_rows($result_new) > 0) {
      if (isset($parent_ids[$row['products_id']])) {
        continue;
      }
      extract($row,EXTR_PREFIX_ALL,"db");
      $ProductList[$db_categories_id][$db_products_id] = $db_products_name;
      $CategoryList[$db_categories_id] = $db_categories_name;
      $LastCategory = $db_categories_name;
    }
    $LastOptionTag = "";
    $ProductSelectOptions = "<option value='0'>".DONT_ADD_NEW_PRODUCT . $LastOptionTag . "\n";
    $ProductSelectOptions .= "<option value='0'>&nbsp;" . $LastOptionTag . "\n";
    foreach($ProductList as $Category => $Products)
    {
      $ProductSelectOptions .= "<option value='0'>$Category" . $LastOptionTag . "\n";
      $ProductSelectOptions .= "<option value='0'>---------------------------" . $LastOptionTag . "\n";
      asort($Products);
      foreach($Products as $Product_ID => $Product_Name)
      {
        $ProductSelectOptions .= "<option value='$Product_ID'> &nbsp; $Product_Name" . $LastOptionTag . "\n";
      }

      if($Category != $LastCategory)
      {
        $ProductSelectOptions .= "<option value='0'>&nbsp;" . $LastOptionTag . "\n";
        $ProductSelectOptions .= "<option value='0'>&nbsp;" . $LastOptionTag . "\n";
      }
    }


  // ############################################################################
  //   Add Products Steps
  // ############################################################################

    echo '<tr><td><table border=\'0\'>' . "\n";
    ?>
      <tr>
        <td width="100%"><table class="main" border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="main" align="right"><b><?php echo ADDPRODUCT_TEXT_PROGRESS ;?> </B></td>
            <td class="main" align="left">
            <?php
            if ($step == 1){
            echo '&nbsp;<b>' . ADDPRODUCT_TEXT_STEP_1 . '</b>' .  '&nbsp;' . ADDPRODUCT_TEXT_STEP_2  . '&nbsp;' . ADDPRODUCT_TEXT_STEP_3 . '&nbsp;' . ADDPRODUCT_TEXT_STEP_4  ;
            }
            if ($step == 2){
             echo '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=1&add_product_categories_id='. $add_product_categories_id ) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_1 . ' </a>' .  '&nbsp;<b>' . ADDPRODUCT_TEXT_STEP_2  . '</b>'. '&nbsp; ' . ADDPRODUCT_TEXT_STEP_3 . '&nbsp;' . ADDPRODUCT_TEXT_STEP_4 ;
            }
            if ($step == 3){
             echo '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=1&add_product_categories_id='. $add_product_categories_id ) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_1 . '</a>' .  '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=2&add_product_categories_id='. $add_product_categories_id . '&add_product_products_id='. $add_product_products_id) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_2  . '</a>' . '&nbsp;<b>' . ADDPRODUCT_TEXT_STEP_3 . '</b>'  . '&nbsp;' . ADDPRODUCT_TEXT_STEP_4;
            }
            if ($step == 4){
             echo '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=1&add_product_categories_id='. $add_product_categories_id ) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_1 . '</a>' .   '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=2&add_product_categories_id='. $add_product_categories_id . '&add_product_products_id='. $add_product_products_id ) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_2  . '</a>' .  '<a href="' . tep_href_link(FILENAME_CREATE_POS_ORDERS, tep_get_all_get_params() . 'step=3&add_product_categories_id='. $add_product_categories_id . '&add_product_products_id='. $add_product_products_id ) . '">' . '&nbsp;' . ADDPRODUCT_TEXT_STEP_3 . '</a>' . '&nbsp;<b> ' . ADDPRODUCT_TEXT_STEP_4. '</b>';
            }


            ; ?></td>
           <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

          </tr>
        </table></td>
      </tr>
<?php
// add a product
//**************************************************step 1 ****************************
if ($step == 1){
 echo tep_draw_form('add_product', FILENAME_CREATE_POS_ORDERS, 'posID='.$posID . '&action=add_product', 'post', '', 'SSL');
;?>
  <tr>
      <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="dataTableContent" align="left"></td>
            <td align="left" class="dataTableContent"><?php echo ADDPRODUCT_TEXT_SELECT_PRODUCT; ?></td>
            <td align="left" class="dataTableContent"><?php echo tep_draw_input_field('add_product_products_id', $add_product_products_id); ?> <input type=button name=open_popup ONCLICK="window.open('<?php echo tep_href_link('treeview_pos.php', tep_get_all_get_params(array('action', 'add_product'))) ;?>', 'popuppage', 'scrollbars=yes,resizable=yes,menubar=yes,width=400,height=600'); " value="<?php echo ADDPRODUCT_TEXT_GET_PRODUCT ;?> ">
         <input type="hidden" name="step" value="3">
         <input type="hidden" name="posID" value="<?php echo $posID ;?>">
         <input type="submit" value="<?php echo ADDPRODUCT_TEXT_PRODUCT_CONFIRM ?>">  </td>
        </tr>
      </table> </td>
 </tr>
 </form>
<?php
}
//**************************************************step 2 ****************************
// Step 3: Show product selected
if ($step == 3){

  if (isset($_GET['qty'])) {
    $qty = $_GET['qty'] ;
    }else if (isset($_POST['qty'])){
    $qty = $_POST['qty'] ;
    } else {
    $qty = '1' ;
   }
   if (isset($_POST['add_product_products_price'])){
   $p_products_price = $_POST['add_product_products_price'];
   }

// Eversun mod for show product price
    if ($add_product_products_id > 0) {

       $special_price = tep_get_products_special_price($add_product_products_id, $customer_group_id);

      if ( (isset($special_price )) && ($special_price > 0)) {
          $p_products_price = $special_price;
         } else {

        }
   }
//if price is 0, get the regular price
if($p_products_price == 0){
    $product_price_query = tep_db_query("select products_price from " . TABLE_PRODUCTS . " where products_id = '" . $add_product_products_id . "'");
    if (tep_db_num_rows($product_price_query)) {
      $product_price = tep_db_fetch_array($product_price_query);
    $p_products_price = $product_price['products_price'];
    }
}

    $p_products_price = $currencies->format($p_products_price);
    $products_name_step = tep_get_products_name($add_product_products_id, (int)$languages_id);

// check to see if product has attibutes
          $products_id_tmp = $add_product_products_id;

                   if(tep_subproducts_parent($products_id_tmp)){
                    $products_id_query = tep_subproducts_parent($products_id_tmp);
                    }else{
                    $products_id_query = $products_id_tmp;
                    }

$result_attributes = tep_db_query("SELECT * FROM
" . TABLE_PRODUCTS_ATTRIBUTES . " pa
WHERE
pa.products_id = '" . $products_id_query . "'");

$product_has_attributes = 0;

if(tep_db_num_rows($result_attributes) > 0) {
$product_has_attributes = 1;
}

  echo tep_draw_form('add_product', FILENAME_CREATE_POS_ORDERS, 'posID='.$posID . '&action=add_product', 'post', '', 'SSL');

;?>
<td width="100%" align="left"><table border="0" width="100%" cellspacing="0" cellpadding="0">
        <tr>
         <td class="main" align="left">
         <?php    echo '<b>' .TEXT_ADD_PROD. '</b>' .$add_product_products_id . '&nbsp;&nbsp;<b>' . TEXT_ADD_PROD_NAME .'</b>&nbsp;' . $products_name_step . '&nbsp;&nbsp;<b>' . TEXT_ADD_PROD_PRICE .'</b>&nbsp;' . $p_products_price. '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'; ?>
         </td>
        </tr>
   </table></td>
    </tr>
    <tr>
     <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
           <tr class="dataTableRow">
<?php
if ($product_has_attributes == 1) {

    $products_name_step = tep_get_products_name($add_product_products_id, (int)$languages_id);
    $products_id_tmp = $add_product_products_id;

      if(tep_subproducts_parent($products_id_tmp)){
         $products_id_query = tep_subproducts_parent($products_id_tmp);
       }else{
         $products_id_query = $products_id_tmp;
        }
$result = tep_db_query("SELECT * FROM
" . TABLE_PRODUCTS_ATTRIBUTES . " pa,
" . TABLE_PRODUCTS_OPTIONS . " po,
" . TABLE_PRODUCTS_OPTIONS_TEXT . " pot,
" . TABLE_PRODUCTS_OPTIONS_VALUES . " pov
WHERE
pa.products_id = '" . $products_id_query . "' and
pa.options_id = po.products_options_id and
pa.options_id = pot.products_options_text_id and
pa.options_values_id =pov.products_options_values_id
order by pa.products_options_sort_order, po.products_options_sort_order
");

    while($row = tep_db_fetch_array($result))
      {
       extract($row,EXTR_PREFIX_ALL,"db");
       $Options[$db_products_options_id] = $db_products_options_name;
       $ProductOptionValues[$db_products_options_id][$db_products_options_values_id] = $db_products_options_values_name;
     }

   if (isset($_POST['p_products_price'])){
   $p_products_price = $_POST['p_products_price'];
   }

;?>
     <td class="main"><strong><?php echo TEXT_PRODUCT_OPTIONS; ?></strong></td>
<?php
//Display attibutes in there native format
//intilize variables
$tax_rate = '';
$rows = '';
$cols = '';
          $products_id_tmp = $add_product_products_id;

                   if(tep_subproducts_parent($products_id_tmp)){
                    $products_id_query = tep_subproducts_parent($products_id_tmp);
                    }else{
                    $products_id_query = $products_id_tmp;
                    }

    $products_attributes_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_id='" . (int)$products_id_query . "' ");
    $products_attributes = tep_db_fetch_array($products_attributes_query);

     $products_options_query = tep_db_query("select pa.products_attributes_id, pa.options_id, pa.options_values_id, pa.options_values_price, pa.price_prefix, po.options_type, po.options_length, pot.products_options_name, pot.products_options_instruct from
           " . TABLE_PRODUCTS_ATTRIBUTES  . " AS pa,
           " . TABLE_PRODUCTS_OPTIONS  . " AS po,
           " . TABLE_PRODUCTS_OPTIONS_TEXT  . " AS pot
           where pa.products_id = '" . (int)$products_id_query . "'
             and pa.options_id = po.products_options_id
             and po.products_options_id = pot.products_options_text_id
             and pot.language_id = '" . (int)$languages_id . "'
           order by pa.products_options_sort_order, po.products_options_sort_order
           ");

      // Store the information from the tables in arrays for easy of processing
      $options = array();
      $options_values = array();
      while ($po = tep_db_fetch_array($products_options_query)) {
        //  we need to find the values name

        $product_attribute_id = $po['products_attributes_id'];



        if ( $po['options_type'] != 1  && $po['options_type'] != 4 ) {
          $options_values_query = tep_db_query("select products_options_values_name from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id ='". $po['options_values_id'] . "' and language_id = '" . (int)$languages_id . "'");
          $ov = tep_db_fetch_array($options_values_query);
        } else {
          $ov['products_options_values_name'] = '';
        }
        $options[$po['options_id']] = array('name' => $po['products_options_name'],
                                            'type' => $po['options_type'],
                                            'length' => $po['options_length'],
                                            'instructions' => $po['products_options_instruct'],
                                            'price' => $po['options_values_price'],
                                            'prefix' => $po['price_prefix'],
                                            'attrib_id' => $po['products_attributes_id'],
                                            );

        $options_values[$po['options_id']][$po['options_values_id']] =  array('name' => stripslashes($ov['products_options_values_name']),
                                                                              'price' => $po['options_values_price'],
                                                                              'prefix' => $po['price_prefix'],
                                                                              'attrib_id' => $po['products_attributes_id']);
      }
      if(!isset($tax_rate)) {
        $tax_rate = tep_get_tax_rate($product_info['products_tax_class_id']);
      }

      foreach ($options as $posID => $op_data) {
        switch ($op_data['type']) {

          case 1:
            $maxlength = ( $op_data['length'] > 0 ? ' maxlength="' . $op_data['length'] . '"' : '' );
            $attribute_price = $currencies->display_price($op_data['price'], $tax_rate);
            $tmp_html = '<input type="text" name="add_product_options[' . $op_data['attrib_id'] . ']"' . $maxlength . ' />';
?>
              <tr>
                <td class="main"><?php
                echo $op_data['name'] . ':' . ($op_data['instructions'] != '' ? '<br><span class="smallText">' . $op_data['instructions'] . '</span>' : '' );
                echo ($attribute_price >= 0 ? '<br><span class="smallText">' . $op_data['prefix'] . ' ' . $attribute_price . '</span>' : '' );
                 ;?>
                </td>
                <td class="main"><?php echo $tmp_html;  ?></td>
              </tr>
              <?php
            break;

          case 4:
            if ($op_data['length'] == '') {
             $tmp_html = '<textarea name="add_product_options[' . $op_data['attrib_id'] . ']" wrap="virtual"></textarea>';
            } else {
             $text_area_array = explode(';',$op_data['length']);
             $cols = '';
             $rows = '';
             if ($text_area_array[0] != '') $cols = ' cols="' . $text_area_array[0] . '" ';
             if (isset($text_area_array[1]) && $text_area_array[1] != '') $rows = ' rows="' .
            $text_area_array[1] . '" ';
            $attribute_price = $currencies->display_price($op_data['price'], $tax_rate);

             $tmp_html = '<textarea name="add_product_options[' . $op_data['attrib_id'] . ']" '.$rows.' '.$cols.'"
            wrap="virtual"></textarea>';
            }
?>
              <tr>
                <td class="main">
<?php
                echo $op_data['name'] . ':' . ($op_data['instructions'] != '' ? '<br><span class="smallText">' . $op_data['instructions'] . '</span>' : '' );
                echo ($attribute_price >= 0 ? '<br><span class="smallText">' . $op_data['prefix'] . ' ' . $attribute_price . '</span>' : '' );
;?>
                </td>
                <td class="main" align="center"><?php echo $tmp_html;  ?></td>
              </tr>
<?php
            break;

          case 2:
          //radio buttons
            $tmp_html = '';
            foreach ( $options_values[$posID] as $vID => $ov_data ) {
              if ( (float)$ov_data['price'] == 0 ) {
                  $price = '&nbsp;';
              } else {
                  $price = '(&nbsp;' . $ov_data['prefix'] . '&nbsp;' . $currencies->display_price($ov_data['price'], $tax_rate) . '&nbsp;)';
              }
              $tmp_html .= '<input type="radio" name="add_product_options[' . $ov_data['attrib_id'] . ']" value="' . $vID . '">' . $ov_data['name'] . '&nbsp;' . $price . '<br>';
            } // End of the for loop on the option value
?>
              <tr>
                <td class="main"><?php echo $op_data['name'] . ':' . ($op_data['instructions'] != '' ? '<br><span class="smallText">' . $op_data['instructions'] . '</span>' : '' ); ?></td>
                <td class="main"><?php echo $tmp_html;  ?></td>
              </tr>
<?php
            break;

          case 3:
          //check box
            $tmp_html = '';
            $i = 0;
            foreach ( $options_values[$posID] as $vID => $ov_data ) {
              if ( (float)$ov_data['price'] == 0 ) {
                $price = '&nbsp;';
              } else {
                $price = '(&nbsp;'.$ov_data['prefix'] . '&nbsp;' . $currencies->display_price($ov_data['price'], $tax_rate).'&nbsp;)';
              }
              $tmp_html .= '<input type="checkbox" name="add_product_options[' . $ov_data['attrib_id'] . ']" value="' . $vID . '">' . $ov_data['name'] . '&nbsp;' . $price . '<br>';
              $i++;
            }
?>
              <tr>
                <td class="main"><?php echo $op_data['name'] . ':' . ($op_data['instructions'] != '' ? '<br><span class="smallText">' . $op_data['instructions'] . '</span>' : '' ); ?></td>
                <td class="main"><?php echo $tmp_html;  ?></td>
              </tr>
<?php
            break;

          case 0:
          //drop down select
            $tmp_html = '<select name="add_product_options[' . $op_data['attrib_id'] . ']">';
            foreach ( $options_values[$posID] as $vID => $ov_data ) {
              if ( (float)$ov_data['price'] == 0 ) {
                $price = '&nbsp;';
              } else {
                $price = '(&nbsp; '.$ov_data['prefix'] . '&nbsp;' . $currencies->display_price($ov_data['price'], $tax_rate).'&nbsp;)';
              }
              $tmp_html .= '<option value="' . $ov_data['attrib_id'] . '">' . $ov_data['name'] . '&nbsp;' . $price .'</option>';
            } // End of the for loop on the option values
            $tmp_html .= '</select>';
?>
              <tr>
                <td class="main"><?php echo $op_data['name'] . ':' . ($op_data['instructions'] != '' ? '<br><span class="smallText">' . $op_data['instructions'] . '</span>' : '' ); ?></td>
                <td class="main"><?php echo $tmp_html;  ?></td>
              </tr>
<?php
            break;
        }  //end of switch
      } //end of while
?>
            </table>

        </tr>
        <tr>
           <td class="dataTableContent" align='center'><input type="submit" value="<?php echo SELECT_THESE_OPTIONS ;?>">
             <input type="hidden" name="posID" value="<?php echo $posID ;?>">
              <input type="hidden" name="step" value="4">
              <input type="hidden" name="add_product_products_id" value="<?php echo $add_product_products_id ;?>">
              <input type="hidden" name="product_options" value="1">
              <input type="hidden" name="$products_name_step" value="<?php echo $products_name_step;?>">
              <input type="hidden" name="add_products_price" value="<?php echo $p_products_price ;?>">
             </td>
         </tr>
      </table></td>
    </tr></form>
<?php
  } else { // has attibutes
;?>
        <tr>
            <td class="dataTableContent" align='center' colspan = '3'>
              <input type="submit" value="<?php echo ADDPRODUCT_TEXT_OPTIONS_NOTEXIST ;?>">
              <input type="hidden" name="posID" value="<?php echo $posID ;?>">
              <input type="hidden" name="step" value="4">
              <input type="hidden" name="add_product_products_id" value="<?php echo $add_product_products_id ;?>">
              <input type="hidden" name="product_options" value="0">
              <input type="hidden" name="products_name_step" value="<?php echo $products_name_step;?>">
              <input type="hidden" name="add_products_price" value="<?php echo $p_products_price ;?>">
             </td>
           </tr>
      </table></td>
    </tr></form>
<?php
  } //end  has attibutes
} //end step
//end step 3
//**************************************************step 4 ****************************
// Step 4: Confirm
   if($step == 4){
    $products_name_step = tep_get_products_name($add_product_products_id, (int)$languages_id);
   if (isset($_POST['add_products_price'])){
   $p_products_price = $_POST['add_products_price'];
   }
     ;?>    <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr class="dataTableRow">
            <?php
            echo  tep_draw_form('select_product', FILENAME_CREATE_POS_ORDERS, 'posID='.$posID . '&action=add_product', 'post', '', 'SSL');
            ;?>
    <td width="100%" colspan= "3"><table border="0" width="100%" cellspacing="0" cellpadding="0">
        <tr>
        <td class="main" align="left">
        <?php    echo '<b>' .TEXT_ADD_PROD. ':</b>&nbsp;' .$add_product_products_id . '&nbsp;&nbsp;<b>&nbsp;' . TEXT_ADD_PROD_NAME .':</b>&nbsp;' . $products_name_step . '&nbsp;&nbsp;<b>' . TEXT_ADD_PROD_PRICE .':</b>&nbsp;' . $p_products_price. '&nbsp;&nbsp;<b>';?>
         </td></tr>
      </table></td>
     </tr><tr>

            <td class="dataTableContent" align="left"></td>
            <td class="dataTableContent" valign="top"><input name="add_product_quantity" size="2" value="1"><?php echo TEXT_ADD_QUANTITY ;?></td>
            <td class="dataTableContent" align="center"><input type="submit" value="<?php echo TEXT_ADD_NOW ;?>">
      <?php
  $product_options = $_POST['product_options'];
  $add_product_options = (isset($_POST['add_product_options']) ? $_POST['add_product_options'] :'') ;

$option_id = '';
$value = '';
$option_value_id = '';


if ( (isset($add_product_options)) && is_array(($add_product_options)) )   {
$key = '';
$value = '';
      while (list($key, $value) = each($_POST['add_product_options'])) {

        if (!is_array($key)) {
          echo tep_draw_hidden_field('add_product_options[' .$key. ']', htmlentities(stripslashes($value), ENT_QUOTES)) . "\n";
        } else {
          while (list($k, $v) = each($value)) {
            echo tep_draw_hidden_field('add_product_options[' .$key. ']' . '[' . $k . ']', htmlentities(stripslashes($v), ENT_QUOTES)) . "\n";
          }
        }
      }
 }
        ;?>
    <input type="hidden" name="posID" value="<?php echo $posID ;?>">
    <input type="hidden" name="add_product_products_id" value="<?php echo $add_product_products_id ;?>">
    <input type="hidden" name="products_name_step" value="<?php echo $products_name_step;?>">
    <input type="hidden" name="add_products_price" value="<?php echo $p_products_price ;?>">
    <input type="hidden" name="step" value="5">
             </td>
             </tr>
         </table></td>
    </tr></form>
        <?php
    }// end step

        print "</table></td></tr>\n";
}// end add product
?>
    </table></td>
<!-- body_text_eof //-->
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php
require(DIR_WS_INCLUDES . 'application_bottom.php');
?>
